Hackers Use Printers to Send Malicious Code

Posted Date 01/08/18

Hackers are tapping HP, Canon, and Epson printers and scanners to send malicious code hidden in PDF files, IT security firm Baracuda has warned. Its experts explain that the cybercriminals send emails with PDF attachments and the sender is a network printer or scanner. This sort of emails are so common, the Baracuda experts say, that people seldom stop to think if there may be something wrong with opening the attachment.

The typical subject line for these attack attempts is “Scanned from HP/Epson/Canon” and contains an attachment. These attachments tend to imitate legitimate file extensions to hide the malicious code in the file. Once the person clicks on the file, the hackers gain remote access and control over their PC. They can access shares on the PC system using Windows Explorer and tap files containing credentials they can then use for other attacks.

To avoid having your system compromised it’s enough to follow some simple precaution steps, such as only opening a scanned document that you knew was coming, double-checking with the sender in case you didn’t know a scanned file was coming and , finally, hover with the mouse over the attachment to make sure its extension is legitimate.